{"metadata":{"_oai":{"id":"oai:ipsj.ixsq.nii.ac.jp:00218858","sets":["1164:6389:10832:10943"]},"path":["10943"],"owner":"44499","recid":"218858","title":["ランサムウェアに対するCPU命令実行抑止機構の提案と評価"],"pubdate":{"attribute_name":"公開日","attribute_value":"2022-07-12"},"_buckets":{"deposit":"cda01d97-df88-4983-9d27-cae129e364ed"},"_deposit":{"id":"218858","pid":{"type":"depid","value":"218858","revision_id":0},"owners":[44499],"status":"published","created_by":44499},"item_title":"ランサムウェアに対するCPU命令実行抑止機構の提案と評価","author_link":["570108","570111","570110","570109","570107"],"item_titles":{"attribute_name":"タイトル","attribute_value_mlt":[{"subitem_title":"ランサムウェアに対するCPU命令実行抑止機構の提案と評価"}]},"item_keyword":{"attribute_name":"キーワード","attribute_value_mlt":[{"subitem_subject":"CSEC","subitem_subject_scheme":"Other"}]},"item_type_id":"4","publish_date":"2022-07-12","item_4_text_3":{"attribute_name":"著者所属","attribute_value_mlt":[{"subitem_text_value":"東京農工大学"},{"subitem_text_value":"神戸大学大学院工学研究科"},{"subitem_text_value":"東京農工大学"},{"subitem_text_value":"神戸大学大学院工学研究科"},{"subitem_text_value":"神戸大学大学院工学研究科"}]},"item_4_text_4":{"attribute_name":"著者所属(英)","attribute_value_mlt":[{"subitem_text_value":"Tokyo University of Agriculture and Technology","subitem_text_language":"en"},{"subitem_text_value":"Graduate School of Engineering, Kobe University","subitem_text_language":"en"},{"subitem_text_value":"Tokyo University of Agriculture and Technology","subitem_text_language":"en"},{"subitem_text_value":"Graduate School of Engineering, Kobe University","subitem_text_language":"en"},{"subitem_text_value":"Graduate School of Engineering, Kobe University","subitem_text_language":"en"}]},"item_language":{"attribute_name":"言語","attribute_value_mlt":[{"subitem_language":"jpn"}]},"item_publisher":{"attribute_name":"出版者","attribute_value_mlt":[{"subitem_publisher":"情報処理学会","subitem_publisher_language":"ja"}]},"publish_status":"0","weko_shared_id":-1,"item_file_price":{"attribute_name":"Billing file","attribute_type":"file","attribute_value_mlt":[{"url":{"url":"https://ipsj.ixsq.nii.ac.jp/record/218858/files/IPSJ-SPT22048014.pdf","label":"IPSJ-SPT22048014.pdf"},"date":[{"dateType":"Available","dateValue":"2024-07-12"}],"format":"application/pdf","billing":["billing_file"],"filename":"IPSJ-SPT22048014.pdf","filesize":[{"value":"919.3 kB"}],"mimetype":"application/pdf","priceinfo":[{"tax":["include_tax"],"price":"660","billingrole":"5"},{"tax":["include_tax"],"price":"330","billingrole":"6"},{"tax":["include_tax"],"price":"0","billingrole":"46"},{"tax":["include_tax"],"price":"0","billingrole":"44"}],"accessrole":"open_date","version_id":"ef803bd8-509c-4030-b615-4aed30aed3be","displaytype":"detail","licensetype":"license_note","license_note":"Copyright (c) 2022 by the Information Processing Society of Japan"}]},"item_4_creator_5":{"attribute_name":"著者名","attribute_type":"creator","attribute_value_mlt":[{"creatorNames":[{"creatorName":"榎本, 秀平"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"葛野, 弘樹"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"山田, 浩史"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"白石, 善明"}],"nameIdentifiers":[{}]},{"creatorNames":[{"creatorName":"森井, 昌克"}],"nameIdentifiers":[{}]}]},"item_4_source_id_9":{"attribute_name":"書誌レコードID","attribute_value_mlt":[{"subitem_source_identifier":"AA12628305","subitem_source_identifier_type":"NCID"}]},"item_4_textarea_12":{"attribute_name":"Notice","attribute_value_mlt":[{"subitem_textarea_value":"SIG Technical Reports are nonrefereed and hence may later appear in any journals, conferences, symposia, etc."}]},"item_resource_type":{"attribute_name":"資源タイプ","attribute_value_mlt":[{"resourceuri":"http://purl.org/coar/resource_type/c_18gh","resourcetype":"technical report"}]},"item_4_source_id_11":{"attribute_name":"ISSN","attribute_value_mlt":[{"subitem_source_identifier":"2188-8671","subitem_source_identifier_type":"ISSN"}]},"item_4_description_7":{"attribute_name":"論文抄録","attribute_value_mlt":[{"subitem_description":"ランサムウェアによる意図しないファイル暗号化の被害は増加の一途を辿っており，オペレーティングシステム (OS) の種類や，システムの構成環境を問わず，様々なランサムウェアファミリが確認されている．それらのランサムウェアから情報資産を保護するためには，アンチウイルスソフトウェアの導入が有効である．しかし，既存のアンチウイルスソフトウェアはシグネチャや既知のランサムウェアの振舞いを用いたパターンベースでの検出と防御を行うため，新たなランサムウェアファミリに対し，既存のパターンデータでは検出が困難な場合がある．本研究では，既存のアンチウイルスソフトウェアに新たなパターンデータが配信されるまでの間，未知のランサムウェアによる攻撃を緩和させる新たな手法を提案する．提案手法では，ランサムウェアの実行時に AES-NI 命令セットが利用される点に着目した．AES-NI 命令セットが含まれる暗号化処理の実行時に OS にてスキップさせることで，暗号化を透過的に無効化する．提案手法を Linux  5.7.15 に実装し，評価実験を行った．評価結果より，既存のランサムウェアによる攻撃を緩和可能であること，ならびに多くの環境において低オーバヘッドを実現可能であることを確認した．","subitem_description_type":"Other"}]},"item_4_biblio_info_10":{"attribute_name":"書誌情報","attribute_value_mlt":[{"bibliographicPageEnd":"8","bibliographic_titles":[{"bibliographic_title":"研究報告セキュリティ心理学とトラスト（SPT）"}],"bibliographicPageStart":"1","bibliographicIssueDates":{"bibliographicIssueDate":"2022-07-12","bibliographicIssueDateType":"Issued"},"bibliographicIssueNumber":"14","bibliographicVolumeNumber":"2022-SPT-48"}]},"relation_version_is_last":true,"weko_creator_id":"44499"},"id":218858,"updated":"2025-01-19T15:00:30.965073+00:00","links":{},"created":"2025-01-19T01:19:12.162555+00:00"}